跨域资源共享 CORS

概述

如果需要在前端与不同域的后端进行通信，可以在后端配置CORS，允许指定的域名访问后端资源。

开始

通过配置合适的响应头，可以明确指定允许的来源域、请求方法和头部信息。

Node.js

app.all('*', function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "X-Requested-With");
  res.header("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS");
  res.header("X-Powered-By",' 3.2.1')
  res.header("Content-Type", "application/json;charset=utf-8");
  res.header("Access-Control-Allow-Credentials", "true");
  next();
});

Nginx

server {
    listen 80;
    server_name localhost; #你的域名
    root html;
    index index.html index.htm;

    add_header Access-Control-Allow-Origin "*";
    add_header Access-Control-Allow-Credentials "true";
    add_header Access-Control-Allow-Methods "PUT,POST,GET,DELETE,OPTIONS";
    add_header Access-Control-Allow-Headers "token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,XRequested-With";

    location / {
        proxy_pass http://localhost:3000; #你的代理服务
    }
}